mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2025-01-03 21:20:45 -05:00
9b698362a3
Backport #27143 by @lunny Partially Fix #25041 This PR redefined the meaning of column `is_active` in table `action_runner_token`. Before this PR, `is_active` means whether it has been used by any runner. If it's true, other runner cannot use it to register again. In this PR, `is_active` means whether it's validated to be used to register runner. And if it's true, then it can be used to register runners until it become false. When creating a new `is_active` register token, any previous tokens will be set `is_active` to false. Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
92 lines
2.3 KiB
Go
92 lines
2.3 KiB
Go
// Copyright 2023 The Gitea Authors. All rights reserved.
|
|
// SPDX-License-Identifier: MIT
|
|
|
|
package private
|
|
|
|
import (
|
|
"errors"
|
|
"fmt"
|
|
"net/http"
|
|
"strings"
|
|
|
|
actions_model "code.gitea.io/gitea/models/actions"
|
|
repo_model "code.gitea.io/gitea/models/repo"
|
|
user_model "code.gitea.io/gitea/models/user"
|
|
"code.gitea.io/gitea/modules/context"
|
|
"code.gitea.io/gitea/modules/json"
|
|
"code.gitea.io/gitea/modules/log"
|
|
"code.gitea.io/gitea/modules/private"
|
|
"code.gitea.io/gitea/modules/util"
|
|
)
|
|
|
|
// GenerateActionsRunnerToken generates a new runner token for a given scope
|
|
func GenerateActionsRunnerToken(ctx *context.PrivateContext) {
|
|
var genRequest private.GenerateTokenRequest
|
|
rd := ctx.Req.Body
|
|
defer rd.Close()
|
|
|
|
if err := json.NewDecoder(rd).Decode(&genRequest); err != nil {
|
|
log.Error("%v", err)
|
|
ctx.JSON(http.StatusInternalServerError, private.Response{
|
|
Err: err.Error(),
|
|
})
|
|
return
|
|
}
|
|
|
|
owner, repo, err := parseScope(ctx, genRequest.Scope)
|
|
if err != nil {
|
|
log.Error("%v", err)
|
|
ctx.JSON(http.StatusInternalServerError, private.Response{
|
|
Err: err.Error(),
|
|
})
|
|
}
|
|
|
|
token, err := actions_model.GetLastestRunnerToken(ctx, owner, repo)
|
|
if errors.Is(err, util.ErrNotExist) || (token != nil && !token.IsActive) {
|
|
token, err = actions_model.NewRunnerToken(ctx, owner, repo)
|
|
if err != nil {
|
|
err := fmt.Sprintf("error while creating runner token: %v", err)
|
|
log.Error("%v", err)
|
|
ctx.JSON(http.StatusInternalServerError, private.Response{
|
|
Err: err,
|
|
})
|
|
return
|
|
}
|
|
} else if err != nil {
|
|
err := fmt.Sprintf("could not get unactivated runner token: %v", err)
|
|
log.Error("%v", err)
|
|
ctx.JSON(http.StatusInternalServerError, private.Response{
|
|
Err: err,
|
|
})
|
|
return
|
|
}
|
|
|
|
ctx.PlainText(http.StatusOK, token.Token)
|
|
}
|
|
|
|
func parseScope(ctx *context.PrivateContext, scope string) (ownerID, repoID int64, err error) {
|
|
ownerID = 0
|
|
repoID = 0
|
|
if scope == "" {
|
|
return ownerID, repoID, nil
|
|
}
|
|
|
|
ownerName, repoName, found := strings.Cut(scope, "/")
|
|
|
|
u, err := user_model.GetUserByName(ctx, ownerName)
|
|
if err != nil {
|
|
return ownerID, repoID, err
|
|
}
|
|
ownerID = u.ID
|
|
|
|
if !found {
|
|
return ownerID, repoID, nil
|
|
}
|
|
|
|
r, err := repo_model.GetRepositoryByName(u.ID, repoName)
|
|
if err != nil {
|
|
return ownerID, repoID, err
|
|
}
|
|
repoID = r.ID
|
|
return ownerID, repoID, nil
|
|
}
|